Comment 27 for bug 413656

I had an RHEL 4 system compromised today due to this issue.

Using GDB I was able to core dump the processes and found the web site from
which they obtained the exploit code. I have copies of the exploit code if
someone is interested. They entered the system through a web application
exploit and then used the exploit to gain a root shell.

I have applied the mitigation techniques above until a updated kernel is made